Cypto Theft, Cyber Insurance, FREE Risk Report & More

This week's newsletter

Recent News

Crypto Scam  

Two individuals have been indicted in the U.S. for orchestrating a social engineering scheme to steal cryptocurrencies. The hackers allegedly used phishing attacks to gain unauthorised access to high-profile social media accounts and wallets.

They targeted victims by impersonating trusted contacts, leading to the theft of significant funds. This case highlights the growing trend of social engineering tactics in cybercrime. 

Phishing attacks still remain a successful tool for attackers and is especially useful when it comes to cryptocurrency based attacks. When it comes to your valuable assets its best to treat everything as a potential scam!

Cyber Cover Changes

Cyber insurance is standard for digital organisations’ nowadays. However, things are about to get a lot more expensive as insurers tighten requirements and raise premiums due to increasing ransomware incidents.

It’s not all bad, the stricter requirements are forcing companies to implement good security practices such as multi-factor authentication and regular security audits, to qualify for coverage.

Other News

  • 23andMe $30MtoYou - Personal genetics firm 23andMe has agreed to pay $30 million in cash to settle a class action lawsuit filed over a 2023 data breach impacting millions of people.

  • Salesforce Patch - A flaw that impacted Salesforce’s public link feature and involved manipulation of API calls and SOQL subqueries to retrieve customer information was recently patched.

  • Disney cut Slack - Disney to stop using Slack months after it was used to breach internal company data. Check out my TikTok post on this story when it first broke:

@infosecsam

Disney has suffered a data breach 😟 #databreach #disney #cybersecurity #starwars #marvel #hacktivist #hackers #insider

Career Development

FREE CISA Risk and Vulnerability Report

CISA has published a report describing findings from risk and vulnerability assessments conducted in 2023. The findings, based on 143 assessments, show that valid accounts and spear-phishing links are the most widely used techniques for obtaining initial access to systems.

This is extremely useful for any cybersecurity professional to understand the current threats being used by attackers. Download the report below!

Subscribe to keep reading

This content is free, but you must be subscribed to InfoSecSam's Newsletter to continue reading.

I consent to receive newsletters via email. Terms of use and Privacy policy.

Already a subscriber?Sign in.Not now